Sophos - Antivirus Scanner Review

Courtesy of the alt.comp.virus newsgroup participants.
(These "anti-malware" pages are the result of a continuing cooperative effort.)


Reviewed by: Andrew J Lee. Date: Nov 2003

Brief review:

Sophos makes anti-virus products targeted specifically at the business market, and does not as such sell to the home user. This is a good strategy because it gives them a focus on the business market, where they can meet the specific needs of that environment. Consequently, the product plays very well on networks, is lightweight (in terms of footprint and resources - NOT on detection, of course!), and is extremely scalable and manageable on large and diverse networks. This review will concentrate mainly on the actual scanner, but it should be borne in mind that the product reveals its true strength when deployed in a networked environment with the Enterprise Management software to control it all.

In depth review:

There has long been a battle in the anti-virus world between the proponents of the "detect and disinfect" method of handling virus infections and the "detect, delete and replace" camp. Sophos has traditionally fallen into the latter category, and indeed until a couple of years ago did not provide explicit disinfection routines in its product. Now, in common with most other antivirus software vendors, Sophos offers disinfection utilities and a checkbox option to disinfect files.

In its "best practice guidelines" Sophos recommends the replacement of files from clean backups. However, the user is now completely free to proceed with disinfection of files. While it is certainly a very good idea to replace files from complete backups, it is not always either desirable or practical, especially where large numbers of machines are affected, and this seems to have now been recognized by Sophos. In most circumstances it is certainly very able in its disinfection, so it seems that, if they must bow to the pressure to provide disinfection, they've made every effort to make sure it is done as well as possible.

The interface is slightly dated in terms of looks, but there are two reasons why this should not be an issue. Firstly, it is a business-targeted product, so the end user will have little contact with the actual GUI, unlike home users, who seem to be drawn more to the "pretty" appearance of certain other products. Secondly, the network administrator will be more concerned with making sure that the flexibility and options are there (which they certainly are in Sophos products), and that the footprint is as small as possible - often the cause of much of the "bloatedness" in modern products is the fancy front-end bells and whistles.

There is a large range of alerting and scanning options, again more suited (rightly, considering its target) to the network administrator, and scans can be scheduled to run at regular intervals. Sophos AV is extremely well behaved in terms of its interaction with the Operating System, and in interaction with other products. In terms of virus detection, which is of course where it counts, Sophos have steadily held an exemplary record, doing particularly well with "In-The-Wild" testing. They are fast to release new detection, and they provide good, comprehensive information about emerging threats both through their website and through their free mailing lists. They also frequently provide standalone disinfection tools for major threats, which are made freely available on their website.

Sophos also allow customers who buy the product for their business to install it on the home PCs of their employees, which can only be a good thing. Unfortunately, as it is so focused on networked environments, it is possibly not the best suited product to home use. There is a complementary product called "Remote Update" which can aid businesses to keep their home and remote users updated, and this can work very well, but it does require a server at the business end, something which may not be available to smaller businesses. All in all, Sophos Anti-Virus is a well thought out, flexible, and extremely efficient product which, through year on year improvement and a painstaking attention to quality, has much to recommend it to the business community.

Pros:

  • Top notch support - probably the best of any AV company. This is mainly because there is no "home user" component to block up the phone lines, but also because callers are quickly routed to real humans who know the product inside out, and who are able to answer most queries quickly and thoroughly.
  • Quick to release Detection Updates for new Viruses.
  • Fast and Efficient, with a small installed footprint. Ideal for rolling out over a network.

Cons:

  • Not suited to home use (This is not really a con, but as Sophos allow home use with their licenses it should be mentioned)
  • Old looking interface (Again, not really a con, but it could use a bit more user friendliness)

Languages Supported:

  • English
  • German
  • French
  • Spanish
  • Japanese
  • Italian
  • Portuguese
  • Chinese Traditional
  • Simplified Chinese
  • Korean

© Claymania Creations 2001 - 2008. All rights reserved.